1
RogueKiller / Re: PUM detected
« on: April 03, 2023, 02:19:34 PM »
Hi Curson,
I thought that is it something with UAC but i was not 100% sure.
Thanks
I thought that is it something with UAC but i was not 100% sure.
Thanks
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
RogueKiller / PUM detected
« on: April 02, 2023, 03:54:17 PM »
Hello,
I ran scan and found this...
What is this?
I ran scan and found this...
What is this?
3
RogueKiller / Re: RogueKiller detect threat
« on: September 14, 2015, 05:40:10 PM »
Hi Curson
Okay thanks.
Okay thanks.
4
RogueKiller / Re: RogueKiller detect threat
« on: September 13, 2015, 06:03:30 PM »
Hi,
what about this okay?
[PUM.Policies] HKEY_LOCAL_MACHINE\RK_Software_ON_D_BC8E\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
what about this okay?
[PUM.Policies] HKEY_LOCAL_MACHINE\RK_Software_ON_D_BC8E\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
6
RogueKiller / Re: Seems like false positive again
« on: July 23, 2015, 07:16:06 PM »
Hi
Okay thanks,when can i expect new version? about couple weeks?
Okay thanks,when can i expect new version? about couple weeks?
7
RogueKiller / Re: Seems like false positive again
« on: July 22, 2015, 07:44:24 PM »
Thank you
And i noticed when program scanning sometime freezes (i can not use start or open folders from desktop) and scan time take it long.
And i noticed when program scanning sometime freezes (i can not use start or open folders from desktop) and scan time take it long.
8
RogueKiller / Seems like false positive again
« on: July 21, 2015, 03:51:46 PM »
Hey!
Today i ran scan but files like Kaspersky are marked as malware.
Below is log...
Thank you
Today i ran scan but files like Kaspersky are marked as malware.
Below is log...
Thank you
9
RogueKiller / Re: RogueKiller detect threat
« on: April 14, 2015, 10:29:52 AM »
Hi,
Ok thanks for info again
Ok thanks for info again
10
RogueKiller / Re: RogueKiller detect threat
« on: April 13, 2015, 06:30:28 PM »
Hi
Yes this is in Slovakia 88.212.8.8 88.212.8.88.
This is bug in roguekiller? Because i see this.
Yes this is in Slovakia 88.212.8.8 88.212.8.88.
This is bug in roguekiller? Because i see this.
11
RogueKiller / Re: RogueKiller detect threat
« on: April 12, 2015, 02:18:36 PM »
Hello
Today i ran scan with newest version 10.5.9 and i have same problem see log please
RogueKiller V10.5.9.0 [Apr 7 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : Mato [Práva správce]
Started from : D:\RogueKiller.exe
Mód : Prohledat -- Datum : 04/12/2015 14:13:55
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 10 ¤¤¤
[PUM.HomePage] HKEY_USERS\S-1-5-21-3768633770-1161998090-4180713237-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.facebook.com/ -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 88.212.8.8 88.212.8.88 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 88.212.8.8 88.212.8.88 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 88.212.8.8 88.212.8.88 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{383D8FB7-E60C-4D94-A3EC-8D7DE9CFE538} | DhcpNameServer : 88.212.8.8 88.212.8.88 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{383D8FB7-E60C-4D94-A3EC-8D7DE9CFE538} | DhcpNameServer : 88.212.8.8 88.212.8.88 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{383D8FB7-E60C-4D94-A3EC-8D7DE9CFE538} | DhcpNameServer : 88.212.8.8 88.212.8.88 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD3200BEVT-22ZCT0 ATA Device +++++
--- User ---
[MBR] ec37889b1405c0ee8cfe7157ff322873
[BSP] 8e8aa1e4f461b71cb441cfc9b4c3e2d1 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 152622 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 312571904 | Size: 152621 MB
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_SCN_03292015_171539.log - RKreport_SCN_04012015_100011.log
Today i ran scan with newest version 10.5.9 and i have same problem see log please
RogueKiller V10.5.9.0 [Apr 7 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : Mato [Práva správce]
Started from : D:\RogueKiller.exe
Mód : Prohledat -- Datum : 04/12/2015 14:13:55
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 10 ¤¤¤
[PUM.HomePage] HKEY_USERS\S-1-5-21-3768633770-1161998090-4180713237-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.facebook.com/ -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 88.212.8.8 88.212.8.88 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 88.212.8.8 88.212.8.88 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 88.212.8.8 88.212.8.88 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{383D8FB7-E60C-4D94-A3EC-8D7DE9CFE538} | DhcpNameServer : 88.212.8.8 88.212.8.88 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{383D8FB7-E60C-4D94-A3EC-8D7DE9CFE538} | DhcpNameServer : 88.212.8.8 88.212.8.88 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{383D8FB7-E60C-4D94-A3EC-8D7DE9CFE538} | DhcpNameServer : 88.212.8.8 88.212.8.88 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD3200BEVT-22ZCT0 ATA Device +++++
--- User ---
[MBR] ec37889b1405c0ee8cfe7157ff322873
[BSP] 8e8aa1e4f461b71cb441cfc9b4c3e2d1 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 152622 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 312571904 | Size: 152621 MB
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_SCN_03292015_171539.log - RKreport_SCN_04012015_100011.log
12
RogueKiller / Re: RogueKiller detect threat
« on: April 01, 2015, 08:15:10 PM »
Hello
Thanks for helpful info.
Thanks for helpful info.
13
RogueKiller / Re: RogueKiller detect threat
« on: April 01, 2015, 03:00:42 PM »
Hello
Okay so what PUM in registry? False positive also?
Okay so what PUM in registry? False positive also?
14
RogueKiller / Re: RogueKiller detect threat
« on: April 01, 2015, 10:05:19 AM »
hi,
you wanna log right? Ok here is it...
RogueKiller V10.5.8.0 [Mar 30 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : Mato [Práva správce]
Started from : D:\RogueKiller.exe
Mód : Prohledat -- Datum : 04/01/2015 10:00:11
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 10 ¤¤¤
[PUM.HomePage] HKEY_USERS\S-1-5-21-3768633770-1161998090-4180713237-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.facebook.com/ -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{383D8FB7-E60C-4D94-A3EC-8D7DE9CFE538} | DhcpNameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{383D8FB7-E60C-4D94-A3EC-8D7DE9CFE538} | DhcpNameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{383D8FB7-E60C-4D94-A3EC-8D7DE9CFE538} | DhcpNameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 2 (Driver: Nahrán) ¤¤¤
[Filter(Kernel.Filter)] \Driver\atapi @ \Device\Harddisk0\DR0 : \Driver\partmgr @ Unknown (\SystemRoot\system32\DRIVERS\cm_km_w.sys)
[Filter(Kernel.Filter)] \Driver\Disk @ \Device\Harddisk0\DR0 : \Driver\partmgr @ Unknown (\SystemRoot\system32\DRIVERS\cm_km_w.sys)
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD3200BEVT-22ZCT0 ATA Device +++++
--- User ---
[MBR] ec37889b1405c0ee8cfe7157ff322873
[BSP] 8e8aa1e4f461b71cb441cfc9b4c3e2d1 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 152622 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 312571904 | Size: 152621 MB
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_SCN_03292015_171539.log
you wanna log right? Ok here is it...
RogueKiller V10.5.8.0 [Mar 30 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : Mato [Práva správce]
Started from : D:\RogueKiller.exe
Mód : Prohledat -- Datum : 04/01/2015 10:00:11
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 10 ¤¤¤
[PUM.HomePage] HKEY_USERS\S-1-5-21-3768633770-1161998090-4180713237-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.facebook.com/ -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{383D8FB7-E60C-4D94-A3EC-8D7DE9CFE538} | DhcpNameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{383D8FB7-E60C-4D94-A3EC-8D7DE9CFE538} | DhcpNameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{383D8FB7-E60C-4D94-A3EC-8D7DE9CFE538} | DhcpNameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 2 (Driver: Nahrán) ¤¤¤
[Filter(Kernel.Filter)] \Driver\atapi @ \Device\Harddisk0\DR0 : \Driver\partmgr @ Unknown (\SystemRoot\system32\DRIVERS\cm_km_w.sys)
[Filter(Kernel.Filter)] \Driver\Disk @ \Device\Harddisk0\DR0 : \Driver\partmgr @ Unknown (\SystemRoot\system32\DRIVERS\cm_km_w.sys)
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD3200BEVT-22ZCT0 ATA Device +++++
--- User ---
[MBR] ec37889b1405c0ee8cfe7157ff322873
[BSP] 8e8aa1e4f461b71cb441cfc9b4c3e2d1 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 152622 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 312571904 | Size: 152621 MB
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_SCN_03292015_171539.log
15
RogueKiller / RogueKiller detect threat
« on: March 29, 2015, 05:34:06 PM »
Hello
Roguekiller detect this but i am not sure if i can delete it?
Roguekiller detect this but i am not sure if i can delete it?
Pages: [1]
